Skip to content
The Nexus
DossierENTITY

Elasticsearch

Coverage of Elasticsearch in the Nexus archive.

Earliest in view: May 15 · 01:55 UTCMost recent: May 29 · 21:46 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 29 · 21:46 UTCTHE REGISTER
    Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries

    A lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch, and DevOps libraries, using typosquatting and metadata spoofing to steal cloud credentials and CI/CD secrets. Microsoft reported the attack, which involved a credential-harvesting payload and techniques like inflated version numbers to appear legitimate, with all packages later removed.

  • TECHNOLOGYMay 15 · 01:55 UTCHACKER NEWS
    Find vendors used by any company

    A resource website that helps identify vendors and sub-processors used by companies, with a specific page dedicated to Elasticsearch. The article appears to be a directory tool for transparency around third-party service providers.